How can I exclude a computer from SonicWall content filtering service (CFS)?

12/20/2019 1116 21318

DESCRIPTION:

How to exclude a computer from SonicWall Content Filtering Service (CFS)

RESOLUTION:

IP address ranges can be manually added to or deleted from the CFS Exclusion List. Content filtering is disabled for IP addresses in the CFS exclusion list. These address ranges are treated as trusted domains. Select CFS Exclusion List to enable this feature.

The Do not bypass CFS blocking for the administrator checkbox controls content filtering for administrators. By default, when the administrator (“admin” user) is logged into the SonicOS management interface from a system, CFS blocking is suspended for that system’s IP address for the duration of the authenticated session. If you prefer to provide content filtering and apply CFS policies to the IP address of the administrator’s system, select the Do not bypass CFS blocking for the administrator checkbox.

To add a range of IP addresses to the CFS exclusion list, follow these steps.

1. Login to the SonicWall management Interface.
2. Navigate to Manage |Security Configuration | Ssecurity Services |Content Filter.
3. Select the Enable CFS Exclusion List checkbox.
4. Click Create new address object next to excluded address. The Add Address Object window is displayed.
5. Enter the first IP address in the range in the IP Address From: field and the last address in the IP Address To: field.
6. Click OK.
7. Click Accept on the Security Services | Content Filter page. The IP address range is added to the CFS exclusion list.

Modifying or Temporarily Disabling the CFS Exclusion List

To modify or temporarily disable the CFS exclusion list:

1. To keep the CFS exclusion list entries but temporarily allow content filtering to be applied to these IP addresses, Select None next to the Excluded Address. 
2. To edit a trusted domain entry, click Edit icon. 
3. To delete an individual trusted domain, click  Delete icon for the entry. 
4. To delete all trusted domains, click Delete All.

Resolution for SonicOS 6.2 and Below

The below resolution is for customers using SonicOS 6.2 and earlier firmware. For firewalls that are generation 6 and newer we suggest to upgrade to the latest general release of SonicOS 6.5 firmware.

IP address ranges can be manually added to or deleted from the CFS exclusion list. Content filtering is disabled for IP addresses in the CFS exclusion list. These address ranges are treated as trusted domains. Select Enable CFS Exclusion List to enable this feature.

The Do not bypass CFS blocking for the administrator checkbox controls content filtering for administrators. By default, when the administrator (“admin” user) is logged into the SonicOS management interface from a system, CFS blocking is suspended for that system’s IP address for the duration of the authenticated session. If you prefer to provide content filtering and apply CFS policies to the IP address of the administrator’s system, select the Do not bypass CFS blocking for the administrator checkbox.

To add a range of IP addresses to the CFS Exclusion List, follow these steps.

1. Login to the SonicWall management interface.
2. Navigate to Security Services |Content Filter.
3. Select the Enable CFS Exclusion List checkbox.
4. Click Add. The Add CFS Range Entry window is displayed.
5. Enter the first IP address in the range in the IP Address From: field and the last address in the IP Address To: field.
   
6. Click OK.
7. Click Accept on the Security Services | Content Filter page. The IP address range is added to the CFS exclusion list.

Modifying or Temporarily Disabling the CFS Exclusion List

To modify or temporarily disable the CFS exclusion list:

1. To keep the CFS exclusion list entries but temporarily allow content filtering to be applied to these IP addresses, Uncheck the Enable CFS Exclusion List checkbox. 
2. To edit a trusted domain entry, click the Edit icon.
3. To delete an individual trusted domain, click  Delete icon for the entry. 
4. To delete all trusted domains, click Delete All.